This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.

Alternative of DBCP when we can't have a proxy user

Oct 22nd, 2012, 12:58 AM

I am using Spring roo to develop web application , the JPA code generated by Spring roo is using dbcp connection pooling .
In our setup here we can’t have proxy users hence can’t use connection pooling here (I think) , here in any application the practice is we will get the user name and password from the login screen and will create a JDBC connection for him and will authenticate him and let him in the system if he was authenticated.
We will keep the user name password in session or we will keep the JDBC connection in the user session and later whenever we need we will use this connection.
The connection will be closed on user logout or on his Http session timeout.
I need your help to guide me what is the best practice by spring community to handle such cases (when we can’t have a connection pool).
Please note that I want to keep using ROO for all the other advantages and be able to provide my custom implementation in such cases.
Waiting for your kind response
Sajjad

I found out that the "org.springframework.jdbc.datasource.UserCredentia lsDataSourceAdapter" is the class to use in these cases and commneted the DBCP settings and configured my own data source like below

/**
* This method should have the database call where we will try to get the connection for this user , if connection is successfull this means user is authorized.
* I think if we want to check any needed roles we should also check the roles in this method instead of doing it in additionalAutheticationChecks or we can use
* the ThreadModel here (recomended by Haroon)
*/
protected UserDetails retrieveUser(String username,
UsernamePasswordAuthenticationToken authentication)
throws AuthenticationException {
// TODO Auto-generated method stub
// return null;
String password = (String) authentication.getCredentials();
if (!StringUtils.hasText(password))
{
throw new BadCredentialsException("Please enter password");

// Speaker speaker = Speaker.findSpeakersByEmailAndPasswordEquals(usern ame, \password).getSingleResult();
// authorities.add(new GrantedAuthorityImpl("ROLE_USER"));
//TODO here I should be trying to get the database connection using user name and password if connection successfully made then it means user is authenticated to use our system
// however I should be a able to store this connection in a place like ThreadModel or something and should be able to get it whenever I want in application
//ThreadContext.set("userName", "Sajjad");
//UserCredentialsDataSourceAdapter adapter=new UserCredentialsDataSourceAdapter();
getUserAdapter().setCredentialsForCurrentThread(us ername, password);
conn= getUserAdapter().getConnection();

}
catch (SQLException e) {
e.printStackTrace();
//**This means user credentials are not correct so we should throw EmptyResultDataAccessException from here
throw new BadCredentialsException("Invalid username or password");